Google thinks www.2hd.com.au is a Malware Server

Written by James McDonald

December 2, 2009

Update: 2hd.com.au appears to be clean now: the .cn server script includes are gone, and Google is no longer warning you off when you go there.

Just tried to visit 2hd.com.au and I get this in Google Chrome:

I went to netcraft.com and it appears 2hd are running Windows 2003 and IIS6.0. A recent article on the Sydney Morning Herald site describes something similar (a site serving malware from Chinese *.cn servers) happening to JB Hi-Fi, and JB appears to be running FreeBSD and Apache 1.3.x. So the OS isn’t a factor in this particular hack.

The JB Hi-Fi malware problem was reported to be due to a third-party ad server being compromised and then the JB servers unwittingly serving links to the bogus ads. So I wouldn’t be surprised if www.2hd.com.au has something similar happening. Of course this is an assumption.

To use a phrase from Meet the Fockers: no matter how secure your own server/s may be, you still need to make sure the servers in your “circle of trust” can be trusted also.

I remember a friend who worked for an Internet Serving company used to spend several hours a day combing through logs looking for suspicious activity. Looks like that sort of methodical inspection is required to stay ahead of potential security problems.
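One way to make that inspection routine for the "circle of trust" is to list every host a page pulls active content from and flag any that are not on an approved list. The sketch below is an added example, not part of the original post; the function and class names are hypothetical and every hostname in the sample is a constructed placeholder.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tags that pull active content from another server, and the attribute holding the URL.
INCLUDE_ATTRS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}

class IncludeCollector(HTMLParser):
    """Collect (tag, raw_url) for every script/iframe/embed/object include."""

    def __init__(self):
        super().__init__()
        self.includes = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <SCRIPT SRC=...> is caught too.
        wanted = INCLUDE_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                self.includes.append((tag, value.strip()))

def untrusted_includes(html, page_url, trusted_hosts):
    """Return sorted (tag, host, url) for includes served from hosts outside the allowlist."""
    collector = IncludeCollector()
    collector.feed(html)
    allowed = {h.lower() for h in trusted_hosts} | {urlparse(page_url).hostname}
    findings = set()
    for tag, raw in collector.includes:
        url = urljoin(page_url, raw)  # resolves relative and protocol-relative (//host/x) URLs
        host = urlparse(url).hostname
        if host and host not in allowed:
            findings.add((tag, host, url))
    return sorted(findings)

# Constructed sample page and allowlist; all hostnames are placeholders.
PAGE_URL = "http://www.site.example/"
TRUSTED_HOSTS = {"ads.adnetwork.example"}
SAMPLE_HTML = """<html><head>
<script src="/js/site.js"></script>
<script src="http://ads.adnetwork.example/show.js"></script>
<SCRIPT SRC="//unknown-host.example/x.js"></SCRIPT>
</head><body>
<iframe src="http://unknown-host.example/frame.html" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in untrusted_includes(SAMPLE_HTML, PAGE_URL, TRUSTED_HOSTS):
        print(*finding)
```

An allowlisted host only tells you the include is expected, not that the third party is clean, so a check like this catches new or unexpected origins and complements log review rather than replacing it.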
